create-claude-cabinet 0.18.0 → 0.19.1

package/README.md

@@ -1,7 +1,7 @@
 # Claude Cabinet
 
 A cabinet of expert advisors for your Claude Code project. One command
-gives Claude a memory, 27 domain experts, a planning process, and the
+gives Claude a memory, 30 domain experts, a planning process, and the
 habit of starting sessions informed and ending them properly.
 
 Built by a guy who'd rather talk to Claude than write code. Most of it
@@ -12,7 +12,7 @@ was built by Claude. I just complained until it worked.
 Your project gets a cabinet — specialist advisors who each own a domain
 and weigh in when their expertise matters:
 
-- **Cabinet members** — 27 domain experts (security, accessibility,
+- **Cabinet members** — 30 domain experts (security, accessibility,
   architecture, QA, etc.) who review your project and surface what
   you'd miss alone
 - **Briefings** — project context members read before weighing in
@@ -78,7 +78,7 @@ left off.
 
 ### The Cabinet (included in lean)
 
-27 expert cabinet members who each own a domain and stay in their lane.
+30 expert cabinet members who each own a domain and stay in their lane.
 **Speed-freak** watches performance. **Boundary-man** catches edge cases.
 **Record-keeper** flags when docs drift from code. **Workflow-cop**
 evaluates whether your process actually works. Each member has a
@@ -176,7 +176,7 @@ source code.
 ```
 .claude/
 ├── skills/          # orient, debrief, plan, execute, audit, etc.
-│   └── cabinet-*/   # 27 cabinet member definitions
+│   └── cabinet-*/   # 30 cabinet member definitions
 ├── cabinet/         # committees, lifecycle, composition patterns
 ├── briefing/        # project briefing templates
 ├── hooks/           # git guardrails, telemetry

package/lib/cli.js

@@ -356,7 +356,7 @@ const MODULES = {
     mandatory: false,
     default: true,
     lean: true,
-    templates: ['hooks/git-guardrails.sh', 'hooks/cc-upstream-guard.sh', 'hooks/skill-telemetry.sh', 'hooks/skill-tool-telemetry.sh', 'scripts/cc-drift-check.cjs'],
+    templates: ['hooks/git-guardrails.sh', 'hooks/cc-upstream-guard.sh', 'hooks/skill-telemetry.sh', 'hooks/skill-tool-telemetry.sh', 'hooks/work-tracker-guard.sh', 'hooks/action-quality-gate.sh', 'hooks/action-completion-gate.sh', 'hooks/domain-memories.sh', 'scripts/cc-drift-check.cjs'],
   },
   'work-tracking': {
     name: 'Work Tracking (pib-db or markdown)',
@@ -412,6 +412,7 @@ const MODULES = {
       'scripts/merge-findings.js', 'scripts/load-triage-history.js',
       'scripts/triage-server.mjs', 'scripts/triage-ui.html',
       'scripts/finding-schema.json', 'scripts/resolve-committees.cjs',
+      'scripts/review-server.mjs', 'scripts/review-ui.html',
     ],
   },
   'lifecycle': {
@@ -437,7 +438,7 @@ const MODULES = {
     default: true,
     lean: false,
     needsOmega: true,
-    templates: ['skills/memory', 'scripts/cabinet-memory-adapter.py', 'rules/memory-capture.md', 'hooks/omega-memory-guard.sh'],
+    templates: ['skills/memory', 'scripts/cabinet-memory-adapter.py', 'scripts/migrate-memory-to-omega.py', 'rules/memory-capture.md', 'hooks/omega-memory-guard.sh'],
   },
 };
 

package/lib/settings-merge.js

@@ -26,6 +26,15 @@ const DEFAULT_HOOKS = {
         },
       ],
     },
+    {
+      matcher: 'Bash',
+      hooks: [
+        {
+          type: 'command',
+          command: '.claude/hooks/work-tracker-guard.sh',
+        },
+      ],
+    },
     {
       matcher: 'Edit|Write',
       hooks: [
@@ -35,6 +44,33 @@ const DEFAULT_HOOKS = {
         },
       ],
     },
+    {
+      matcher: 'Edit|Write',
+      hooks: [
+        {
+          type: 'prompt',
+          command: '.claude/hooks/domain-memories.sh',
+        },
+      ],
+    },
+    {
+      matcher: 'pib_create_action',
+      hooks: [
+        {
+          type: 'command',
+          command: '.claude/hooks/action-quality-gate.sh',
+        },
+      ],
+    },
+    {
+      matcher: 'pib_complete_action',
+      hooks: [
+        {
+          type: 'command',
+          command: '.claude/hooks/action-completion-gate.sh',
+        },
+      ],
+    },
   ],
   UserPromptSubmit: [
     {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-claude-cabinet",
-  "version": "0.18.0",
+  "version": "0.19.1",
   "description": "Claude Cabinet — opinionated process scaffolding for Claude Code projects",
   "bin": {
     "create-claude-cabinet": "bin/create-claude-cabinet.js"

package/templates/README.md

@@ -27,7 +27,7 @@ templates, see [EXTENSIONS.md](EXTENSIONS.md).
 | `rules/enforcement-pipeline.md` | Generic enforcement pipeline: capture, classify, promote, encode, monitor. Describes the compliance stack and promotion criteria. |
 | `rules/memory-capture.md` | When and how to capture memories to omega. What to capture, what not to, cadence guidance. |
 
-### Skills (22 workflow + 27 cabinet members)
+### Skills (22 workflow + 30 cabinet members)
 
 **Workflow Skills:**
 

package/templates/hooks/action-completion-gate.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+# PreToolUse hook on pib_complete_action
+# Blocks completion unless verification breadcrumb exists.
+#
+# The execute skill writes breadcrumbs to .claude/verification/<fid>.json
+# at two points:
+#   Step 1 (spec loaded): spec_read = true
+#   Step 7 (AC verified): ac_verified = true
+#
+# This hook checks both phases are recorded.
+# Works whether you used /execute or worked ad-hoc.
+
+INPUT="$CLAUDE_TOOL_INPUT"
+FID=$(echo "$INPUT" | python3 -c "import sys,json; print(json.load(sys.stdin).get('fid',''))" 2>/dev/null)
+
+if [ -z "$FID" ]; then
+  echo '{"decision":"allow"}'
+  exit 0
+fi
+
+VERIFY_DIR=".claude/verification"
+BREADCRUMB="$VERIFY_DIR/$FID.json"
+
+if [ ! -f "$BREADCRUMB" ]; then
+  NOW=$(date -u +%Y-%m-%dT%H:%M:%SZ)
+  cat <<EOF
+{"decision":"block","reason":"No verification record for action $FID. Before completing:\n1. Read the full spec: use pib_get_action with fid $FID\n2. Create breadcrumb: mkdir -p $VERIFY_DIR && echo '{\"fid\":\"$FID\",\"spec_read\":true,\"spec_read_at\":\"$NOW\",\"ac_verified\":false}' > $BREADCRUMB\n3. Verify each AC against implementation\n4. Update breadcrumb with ac_verified:true and verification_summary\n5. Retry completion."}
+EOF
+  exit 0
+fi
+
+# Check breadcrumb has both phases
+SPEC_READ=$(python3 -c "import json; d=json.load(open('$BREADCRUMB')); print(d.get('spec_read',False))" 2>/dev/null)
+AC_VERIFIED=$(python3 -c "import json; d=json.load(open('$BREADCRUMB')); print(d.get('ac_verified',False))" 2>/dev/null)
+
+if [ "$SPEC_READ" != "True" ]; then
+  echo "{\"decision\":\"block\",\"reason\":\"Verification record exists but spec not read. Use pib_get_action to read full notes for $FID, then update $BREADCRUMB with spec_read: true.\"}"
+  exit 0
+fi
+
+if [ "$AC_VERIFIED" != "True" ]; then
+  echo "{\"decision\":\"block\",\"reason\":\"Spec was read but ACs not verified. Compare implementation against each acceptance criterion in the spec, then update $BREADCRUMB with ac_verified: true and a verification_summary.\"}"
+  exit 0
+fi
+
+echo '{"decision":"allow"}'

package/templates/hooks/action-quality-gate.sh

@@ -0,0 +1,50 @@
+#!/bin/bash
+# PreToolUse hook on pib_create_action
+# Blocks action creation when notes fail quality checks.
+#
+# Quality criteria (from field feedback analysis):
+# 1. Notes field is present and non-empty
+# 2. Notes are not just a copy of the title (text field)
+# 3. Notes are at least 100 characters (a meaningful paragraph)
+# 4. Notes contain an acceptance criteria section
+# 5. Notes contain a surface area section
+#
+# These fire on ALL pib_create_action calls — whether from /plan,
+# /execute, or ad-hoc. The hook doesn't care how you got here.
+
+INPUT="$CLAUDE_TOOL_INPUT"
+
+NOTES=$(echo "$INPUT" | python3 -c "import sys,json; print(json.load(sys.stdin).get('notes',''))" 2>/dev/null)
+TEXT=$(echo "$INPUT" | python3 -c "import sys,json; print(json.load(sys.stdin).get('text',''))" 2>/dev/null)
+
+if [ -z "$NOTES" ]; then
+  echo '{"decision":"block","reason":"Action notes are empty. Every action needs notes with: implementation details, acceptance criteria (## AC or ## Acceptance Criteria), and surface area (## Surface Area with - files: entries). The bar: a cold-start developer reads ONLY these notes and can implement correctly."}'
+  exit 0
+fi
+
+# Check: notes are not just the title repeated
+if [ "$NOTES" = "$TEXT" ]; then
+  echo '{"decision":"block","reason":"Action notes are identical to the title. Notes must contain implementation details, acceptance criteria, and surface area — not just a restated title."}'
+  exit 0
+fi
+
+# Check: minimum length (100 chars)
+NOTE_LEN=${#NOTES}
+if [ "$NOTE_LEN" -lt 100 ]; then
+  echo "{\"decision\":\"block\",\"reason\":\"Action notes are only ${NOTE_LEN} characters. Minimum is 100. Include: implementation approach, acceptance criteria (## Acceptance Criteria), and surface area (## Surface Area).\"}"
+  exit 0
+fi
+
+# Check: has acceptance criteria section
+if ! echo "$NOTES" | grep -qiE '(## (AC|Acceptance|Criteria)|(\*\*AC|\*\*Acceptance)|- \[[ x]\])'; then
+  echo '{"decision":"block","reason":"Action notes have no acceptance criteria section. Add ## Acceptance Criteria containing testable pass/fail criteria."}'
+  exit 0
+fi
+
+# Check: has surface area section
+if ! echo "$NOTES" | grep -qiE '(## Surface|files:|dirs:)'; then
+  echo '{"decision":"block","reason":"Action notes have no surface area section. Add ## Surface Area with - files: path/to/file entries listing files this action changes."}'
+  exit 0
+fi
+
+echo '{"decision":"allow"}'

package/templates/hooks/domain-memories.sh

@@ -0,0 +1,65 @@
+#!/bin/bash
+# PreToolUse prompt hook on Edit|Write
+# Surfaces prevent-type memories BEFORE editing files in risky domains.
+#
+# Two-tier domain identification:
+# 1. Static map: known high-risk file patterns → behavioral search terms
+# 2. Dynamic fallback: omega query with file path context
+#
+# Projects extend the static map via phases/domain-memories.md
+
+INPUT="$CLAUDE_TOOL_INPUT"
+FILE_PATH=$(echo "$INPUT" | python3 -c "import sys,json; d=json.load(sys.stdin); print(d.get('file_path', d.get('path','')))" 2>/dev/null)
+
+if [ -z "$FILE_PATH" ]; then
+  exit 0
+fi
+
+OMEGA_BIN="$HOME/.claude-cabinet/omega-venv/bin/omega"
+if [ ! -x "$OMEGA_BIN" ]; then
+  exit 0
+fi
+
+# Tier 1: Static domain map — known high-risk patterns
+SEARCH_TERM=""
+case "$FILE_PATH" in
+  *playwright*|*puppeteer*|*selenium*|*cypress*|*webdriver*)
+    SEARCH_TERM="browser automation testing prevent mistakes constraints" ;;
+  *deploy*|*railway*|*docker*|*fly.toml*|*vercel*|*Dockerfile*)
+    SEARCH_TERM="deployment prevent mistakes constraints gotchas" ;;
+  *migration*|*schema*|*.sql*|*prisma*|*drizzle*)
+    SEARCH_TERM="database migration prevent mistakes constraints" ;;
+  *auth*|*session*|*token*|*credential*|*login*|*oauth*)
+    SEARCH_TERM="authentication security prevent mistakes constraints" ;;
+  *webhook*|*stripe*|*payment*|*billing*)
+    SEARCH_TERM="payment webhook prevent mistakes constraints" ;;
+esac
+
+# Check for project-specific domain extensions
+PHASE_FILE=".claude/skills/hooks/phases/domain-memories.md"
+if [ -f "$PHASE_FILE" ] && [ -z "$SEARCH_TERM" ]; then
+  # Phase file can define additional pattern|search terms (one per line)
+  while IFS='|' read -r pattern terms; do
+    [ -z "$pattern" ] && continue
+    if echo "$FILE_PATH" | grep -qE "$pattern"; then
+      SEARCH_TERM="$terms"
+      break
+    fi
+  done < "$PHASE_FILE"
+fi
+
+# Tier 2: Dynamic fallback — query omega with file context
+if [ -z "$SEARCH_TERM" ]; then
+  BASENAME=$(basename "$FILE_PATH")
+  DIRNAME=$(basename "$(dirname "$FILE_PATH")")
+  SEARCH_TERM="prevent mistakes constraints when editing $DIRNAME $BASENAME"
+fi
+
+# Query omega for prevent-type memories
+MEMORIES=$("$OMEGA_BIN" query "$SEARCH_TERM" --type constraint --type error_pattern --limit 3 2>/dev/null)
+
+if [ -n "$MEMORIES" ] && [ "$MEMORIES" != "No results" ] && [ "$MEMORIES" != "[]" ]; then
+  echo "⚠ RELEVANT MEMORIES for $(basename "$FILE_PATH"):"
+  echo "$MEMORIES"
+  echo "---"
+fi

package/templates/hooks/work-tracker-guard.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+# PreToolUse hook on Bash tool
+# Blocks raw SQL operations against work tracker tables.
+# Consuming projects customize via phases/work-tracker-guard.md
+#
+# Default: guards pib-db actions table
+# Disable: phase file with "skip: true"
+
+INPUT="$CLAUDE_TOOL_INPUT"
+COMMAND=$(echo "$INPUT" | python3 -c "import sys,json; print(json.load(sys.stdin).get('command',''))" 2>/dev/null)
+
+if [ -z "$COMMAND" ]; then
+  echo '{"decision":"allow"}'
+  exit 0
+fi
+
+# Check for phase file override
+PHASE_FILE=".claude/skills/hooks/phases/work-tracker-guard.md"
+if [ -f "$PHASE_FILE" ]; then
+  FIRST_LINE=$(head -1 "$PHASE_FILE")
+  if [ "$FIRST_LINE" = "skip: true" ]; then
+    echo '{"decision":"allow"}'
+    exit 0
+  fi
+fi
+
+# Check for SQL operations against actions table
+if echo "$COMMAND" | grep -qiE '(INSERT\s+INTO|UPDATE|DELETE\s+FROM)\s+actions'; then
+  # Override escape hatch
+  if echo "$COMMAND" | grep -q '\-\-force-raw-sql'; then
+    echo '{"decision":"allow","reason":"Raw SQL override acknowledged. Quality gates bypassed."}'
+    exit 0
+  fi
+  echo '{"decision":"block","reason":"Raw SQL against actions table detected. Use MCP tools instead: pib_create_action, pib_update_action, pib_complete_action, pib_get_action. These enforce quality gates. To override (almost certainly wrong): add --force-raw-sql to your command."}'
+  exit 0
+fi
+
+echo '{"decision":"allow"}'

package/templates/rules/enforcement-pipeline.md

@@ -77,7 +77,11 @@ Implement the promoted rule at its target layer:
   `.claude/rules/` file
 - **Hook promotion:** Add to `.claude/settings.json` hooks section.
   Command hooks for deterministic checks, prompt hooks for semantic
-  evaluation.
+  evaluation. **Tooling:** The `hookify` plugin (`claude plugins install
+  hookify`) can generate hooks from natural language — run `/hookify`
+  with a description or let it auto-generate rules from corrected
+  behaviors in the current session. Useful for rapid promotion without
+  hand-writing shell scripts.
 - **Structural encoding:** Modify API, schema, or validation to reject
   invalid states directly
 

package/templates/scripts/migrate-memory-to-omega.py

@@ -0,0 +1,124 @@
+#!/usr/bin/env python3
+"""Migrate flat .claude/memory/*.md files to omega semantic memory.
+
+Usage: python3 migrate-memory-to-omega.py [--dry-run] [--memory-dir PATH]
+
+Features:
+- Detects memory type from filename/content heuristics
+- Tags memories with source project name
+- Checks for near-duplicates before storing (skips if similar exists)
+- Renames migrated files to .md.migrated (idempotent)
+"""
+
+import argparse, json, os, subprocess, sys
+from pathlib import Path
+
+OMEGA_BIN = os.path.expanduser("~/.claude-cabinet/omega-venv/bin/omega")
+
+TYPE_HEURISTICS = {
+    "decision": ["decision", "chose", "decided", "went with", "picked"],
+    "lesson_learned": ["lesson", "learned", "mistake", "gotcha", "never again"],
+    "user_preference": ["prefer", "preference", "always", "never", "style"],
+    "constraint": ["constraint", "limitation", "can't", "must not", "blocked"],
+    "error_pattern": ["error", "bug", "broke", "failed", "crash"],
+}
+
+def detect_project():
+    """Get project name from package.json or directory name."""
+    try:
+        with open("package.json") as f:
+            pkg = json.load(f)
+        return pkg.get("name", Path.cwd().name)
+    except Exception:
+        return Path.cwd().name
+
+def detect_type(filename, content):
+    text = (filename + " " + content).lower()
+    scores = {t: sum(1 for kw in kws if kw in text) for t, kws in TYPE_HEURISTICS.items()}
+    best = max(scores, key=scores.get)
+    return best if scores[best] > 0 else "decision"
+
+def check_duplicate(content):
+    """Query omega for similar memories. Returns True if near-dup found."""
+    try:
+        query = content[:200].replace('"', '\\"').replace("\n", " ")
+        result = subprocess.run(
+            [OMEGA_BIN, "query", query, "--limit", "3"],
+            capture_output=True, text=True, timeout=15
+        )
+        if result.returncode != 0 or not result.stdout.strip():
+            return False
+        content_words = set(content.lower().split())
+        for line in result.stdout.strip().split("\n"):
+            line_words = set(line.lower().split())
+            if len(content_words & line_words) > 0.6 * min(len(content_words), len(line_words)):
+                return True
+        return False
+    except Exception:
+        return False
+
+def migrate_file(filepath, project_name, dry_run=False):
+    content = filepath.read_text(encoding="utf-8").strip()
+    if not content:
+        return "empty", "Skipped — empty file"
+
+    mtype = detect_type(filepath.name, content)
+    tagged_content = f"[source: {project_name}] {content}"
+
+    if dry_run:
+        return "dry_run", f"Would store as {mtype} from {project_name}: {filepath.name}"
+
+    if check_duplicate(content):
+        return "duplicate", f"Near-duplicate found in omega — skipping: {filepath.name}"
+
+    try:
+        result = subprocess.run(
+            [OMEGA_BIN, "store", "--type", mtype, "--text", tagged_content],
+            capture_output=True, text=True, timeout=30
+        )
+        if result.returncode == 0:
+            migrated = filepath.with_suffix(".md.migrated")
+            filepath.rename(migrated)
+            return "migrated", f"Stored as {mtype}, renamed to {migrated.name}"
+        else:
+            return "error", f"omega store failed: {result.stderr.strip()}"
+    except Exception as e:
+        return "error", f"Exception: {e}"
+
+def main():
+    parser = argparse.ArgumentParser(description="Migrate flat memory files to omega")
+    parser.add_argument("--dry-run", action="store_true", help="Show what would be migrated without doing it")
+    parser.add_argument("--memory-dir", default=".claude/memory", help="Path to memory directory")
+    args = parser.parse_args()
+
+    if not os.path.exists(OMEGA_BIN):
+        print(f"ERROR: Omega not found at {OMEGA_BIN}")
+        sys.exit(1)
+
+    memory_dir = Path(args.memory_dir)
+    if not memory_dir.exists():
+        print(f"No memory directory at {memory_dir}")
+        sys.exit(0)
+
+    # Skip MEMORY.md, patterns/, and already-migrated files
+    md_files = [f for f in sorted(memory_dir.glob("**/*.md"))
+                if f.name != "MEMORY.md" and "/patterns/" not in str(f)]
+    if not md_files:
+        print("No .md files to migrate.")
+        sys.exit(0)
+
+    project = detect_project()
+    print(f"Migrating {len(md_files)} files from project '{project}'")
+    if args.dry_run:
+        print("DRY RUN\n")
+
+    counts = {}
+    for f in md_files:
+        status, msg = migrate_file(f, project, args.dry_run)
+        counts[status] = counts.get(status, 0) + 1
+        print(f"  [{status}] {f.name}: {msg}")
+
+    print(f"\nDone. {counts}")
+
+if __name__ == "__main__":
+    main()

package/templates/scripts/review-server.mjs

@@ -0,0 +1,108 @@
+/**
+ * Generic review server — serves the review UI and holds items/verdicts in memory.
+ *
+ * Claude POSTs items to review, user reviews in browser, Claude GETs verdicts.
+ * Works for audit findings, plan critique, plan actions, or any itemized list.
+ *
+ * Usage: node review-server.mjs [--port 3459]
+ *
+ * API:
+ *   POST /api/session   — Claude sends { title, items, verdictLabels?, groups? }
+ *   GET  /api/session    — UI fetches current session
+ *   POST /api/verdicts   — UI submits verdicts
+ *   GET  /api/verdicts   — Claude reads verdicts
+ */
+
+import { createServer } from 'node:http';
+import { readFile } from 'node:fs/promises';
+import { fileURLToPath } from 'node:url';
+import { dirname, join } from 'node:path';
+
+const __dirname = dirname(fileURLToPath(import.meta.url));
+const PORT = parseInt(process.argv.find((_, i, a) => a[i - 1] === '--port') || '3459');
+
+let currentSession = null;
+let currentVerdicts = null;
+
+function json(res, data, status = 200) {
+  res.writeHead(status, {
+    'Content-Type': 'application/json',
+    'Access-Control-Allow-Origin': '*',
+    'Access-Control-Allow-Headers': 'Content-Type',
+    'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
+  });
+  res.end(JSON.stringify(data));
+}
+
+const server = createServer(async (req, res) => {
+  const url = new URL(req.url, `http://localhost:${PORT}`);
+
+  if (req.method === 'OPTIONS') {
+    res.writeHead(204, {
+      'Access-Control-Allow-Origin': '*',
+      'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',
+      'Access-Control-Allow-Headers': 'Content-Type',
+    });
+    return res.end();
+  }
+
+  // Serve HTML
+  if (req.method === 'GET' && url.pathname === '/') {
+    try {
+      const html = await readFile(join(__dirname, 'review-ui.html'), 'utf-8');
+      res.writeHead(200, { 'Content-Type': 'text/html' });
+      return res.end(html);
+    } catch (err) {
+      res.writeHead(500);
+      return res.end('Failed to read review-ui.html');
+    }
+  }
+
+  // POST /api/session — Claude sends items to review
+  if (req.method === 'POST' && url.pathname === '/api/session') {
+    let body = '';
+    for await (const chunk of req) body += chunk;
+    try {
+      currentSession = JSON.parse(body);
+      currentVerdicts = null;
+      console.log(`Review session: "${currentSession.title}" — ${currentSession.items?.length || 0} items`);
+      return json(res, { ok: true, count: currentSession.items?.length || 0 });
+    } catch (err) {
+      return json(res, { error: 'Invalid JSON' }, 400);
+    }
+  }
+
+  // GET /api/session — UI fetches current session
+  if (req.method === 'GET' && url.pathname === '/api/session') {
+    if (!currentSession) return json(res, { active: false });
+    return json(res, { active: true, ...currentSession });
+  }
+
+  // POST /api/verdicts — UI submits verdicts
+  if (req.method === 'POST' && url.pathname === '/api/verdicts') {
+    let body = '';
+    for await (const chunk of req) body += chunk;
+    try {
+      currentVerdicts = JSON.parse(body);
+      console.log(`Received ${currentVerdicts.reviewed}/${currentVerdicts.total} verdicts`);
+      return json(res, { ok: true });
+    } catch (err) {
+      return json(res, { error: 'Invalid JSON' }, 400);
+    }
+  }
+
+  // GET /api/verdicts — Claude reads verdicts
+  if (req.method === 'GET' && url.pathname === '/api/verdicts') {
+    if (!currentVerdicts) {
+      return json(res, { submitted: false, message: 'No verdicts submitted yet' });
+    }
+    return json(res, { submitted: true, ...currentVerdicts });
+  }
+
+  res.writeHead(404);
+  res.end('Not found');
+});
+
+server.listen(PORT, () => {
+  console.log(`Review server running at http://localhost:${PORT}`);
+});